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DETAILED ACTION 

1 . This Office action is in response to Applicants amendment filed on October 31 , 
2008. Claims 1 and 5 have been amended. Claims 1-2 and 4-6 are pending. 

Response to Arguments 
1 . Applicant's arguments filed October 31 , 2008 have been considered but are moot 
in view of the new ground(s) of rejection. 



Claim Rejections - 35 USC § 103 

2. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed 
or described as set forth in section 102 of this title, if the differences between the 
subject matter sought to be patented and the prior art are such that the subject 
matter as a whole would have been obvious at the time the invention was made 
to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was 
made. 



1 . Claims 1 -2 and 4-6 are rejected under 35 U.S.C. 1 03(a) as being unpatentable 
over Yamaguchi et al. (hereinafter Yamaguchi) US Patent Number 5,604,807 in view of 
Keromytis et al. (hereinafter Keromytis) "Transparent Network Security Policy 
Enforcement", USENIX 2000 and in view Tanaka US 2002/0108043. 
As per claims 1 and 5: 

Yamaguchi teaches a central encryption management system, comprising: 
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an encryption apparatus which can be connected between a plurality of 
communications terminals, the plurality of communications terminals for performing data 
communications; (Figure 12, item 53, 54 and 55) 

the apparatus including encryption/decryption means for performing an 
encrypting process and a decrypting process on data to terminate encryption-based 
security between the communications terminals having the encrypting capability and 
the non-encrypting capability; (Figure 12, item 76) and 

a manager terminal for inputting various information for controlling encrypted- 
data communications into each of the encryption apparatus and the communications 
terminals remotely from the manager terminal over a network, so that settings for the 
encrypted data communications on each of the apparatus and the terminals are 
completed, wherein the various information includes at least one of the 
presence/absence of the encrypting/decrypting process, the communicability indicating 
that a packet is discarded between specific terminals, the encryption level, the time 
period for the encryption, the encryption policy for each division; (Figure 12, item 51; 
Figure 13; col. 3, line 62-col. 4, line 20; col. 12, lines 50-64; col. 13, line 60-col. 14, line 
12) 

wherein the plurality of communications terminals, the manager terminal, and the 
encryption apparatus are connected via a cable or wireless network, (figure 12, item 52) 

wherein the data is received with one of a plurality of ports of the encryption 
apparatus and the encrypting or decrypting process is performed on the data. (Figure 
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12, item 51; Figure 13; col. 3, line 62-col. 4, line 20; col. 12, lines 50-64; col. 13, line 60- 
col. 14, line 12) 

Yamaguchi does not explicitly disclose wherein the encryption apparatus further 
includes bridge means for allowing data to be outputted as it is from another port 
without any routing process; and wherein various information includes at least one of 
instructing whether or not data packets are to be discarded between specific terminals 
after the data packets have been received, and the time period for the encryption. 
Keromytis in analogous art, however, teaches wherein the encryption apparatus further 
includes bridge means for allowing data to be outputted as it is from another port 
without any routing process. (2.1 Layer-3Filtering; 2.2 Layer-2 Filtering; 2.4 Bridge 
Security; 3. Bridging and IPsec) Therefore it would have been obvious to one ordinary 
skill in the art at the time the invention was made to modify the system disclosed by 
Yamaguchi with Keromytis in order to provide transparent IPsec gateway capability for a 
host or even a network wherein the security gateway can act as a security policy 
enforcer, ensuring that incoming and outgoing packets are adequately protected, based 
on system or network policy. (1 . Introduction; Keromytis) 

Both references do not explicitly disclose wherein various information includes at 
least one of instructing whether or not data packets are to be discarded between 
specific terminals after the data packets have been received, and the time period for the 
encryption. Tanaka in analogous art, however, discloses wherein various information 
includes at least one of instructing whether or not data packets are to be discarded 
between specific terminals after the data packets have been received, and the time 
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period for the encryption, (page 4, pp. 62; page 5, pp. 82-85, 90-91 ) Therefore it would 
have been obvious to one ordinary skill in the art at the time the invention was made to 
modify the system disclosed by Yamaguchi and Keromytis with Tanaka in order to 
provide a signal to detect whether the input data has been encrypted at each time on 
the basis of an encryption period/non-encryption period, (page 4, pp. 62; Tanaka) 
As per claim 2: 

The combination of Yamaguchi, Keromytis and Tanaka teaches all the subject 
matter as discussed above. In addition, Yamaguchi further discloses a central 
encryption management system wherein the encryption/decryption means performs the 
encrypting process and the decrypting process on data, so that the encryption 
apparatus receives and retransmits data in the form of encrypted data from and to the 
communications terminal having the encrypting capability, and the encryption apparatus 
receives and retransmits the data in the form of non-encrypted data from and to the 
communications terminal having no encrypting capability, (col. 12, lines 50-64) 
As per claims 4 and 6: 

The combination of Yamaguchi, Keromytis and Tanaka teaches all the subject 
matter as discussed above. In addition, Yamaguchi further discloses a central 
encryption management system wherein the encryption apparatus further includes 
setting information storage means for storing the information inputted from the manager 
terminal, in which the inputted information is used when controlling the encrypting 
process and the decrypting process, and the encryption apparatus controls the 
encrypting process and the decrypting process by comparing the information stored in 
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the setting information storage means with header information of a data packet of the 
data received with one of the plurality of ports, (col. 1 1 , line 44-col. 1 2, line 45) 

Conclusion 

Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to SHEWAYE GELAGAY whose telephone number is 
(571)272-4219. The examiner can normally be reached on 8:00 am to 5:30 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Emmanuel Moise can be reached on 571-272-3865. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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Supervisory Patent Examiner, Art Unit 2437 



